2 Replies to “Brief conversation about disk encryption”

  1. Isn’t disk encryption rather pointless when the most crucial part of an OS, the kernel + modules are unencrypted somewhere on the disk?

    Unless you have verified exec or signed kmods or smth like that…

  2. This depends on your thread model. If you just want to protect a powered down lost/stolen computer than it works. If $spyAgency sends a evil maid to change your bootloader into keylogger than you’re screwed.

Comments are closed.

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)

Mentions

  • Anonymous
  • Zoey4Ever